The Impact of Cyber Activity on Traditional Resiliency Programs

Traditional resiliency designs are most often predicated upon the ability to restore an IT environment to a point whereby the business can resume operations. Reducing the amount of down time, along with being able to minimize data loss (measured using Recovery Time and Recovery Point Objectives) are the keys to a successful resilience program.

These objectives have held up over time in defining the actual techniques required to resume the IT function in support of overarching business objectives. When applied to a full recovery at an enterprise level, this approach has proven sound and is acknowledged across the industry as the optimal way to design and implement a resiliency strategy and overall program.

Recent changes in the dynamics of a potential outage, primarily being driven by a growing set of threats in the form of cyber activity, have demanded a rethinking of how a response should be handled. More specifically, evolving threats are now focused on potentially smaller targets with greater levels of impact that can prevent a company from conducting business that look to damage or worse yet hold for ransom critical information within the firm. This increased level of compromise requires not only that an expedited response be in place but likewise necessitates that more complete, accurate, and protected systems and information be always available to immediately resume business processing.

An innovative approach that specifically deals with managing aggressive response times and increased system and data protection is necessary when directing an explicit response to a concentrated event. This intensely focused reply does not warrant an extensive design using conventional recovery techniques, but looks to enhancements that utilize evolving capabilities to leverage automation and orchestration to bring the business back online in a more expedient, efficient manner.

Advanced techniques enable a quicker response that can be measured in minutes, with immediate access to a clean, validated repository of protected systems and data. Implementing an updated resilience design in the form of an isolated vault that has systems and data being continuously scanned and determined to be free of the adverse mechanisms that can cause an outage is critical in responding to the aggressive business objectives being brought forth in cyber conversations.

Both designs, traditional recovery for a site outage and a more focused effort for a cyber event, are significant to providing end to end resiliency for any organization. As the threat landscape continues to evolve the need for renewed resiliency designs and enhanced approaches in determining how to best manage an appropriate response to an adverse event will be forefront in strategy and design discussions.

Regardless of size or magnitude, how we respond in terms of speed and accuracy may vary based upon the scenario under consideration, but both require significant focus towards bringing the business back on line with accurate and clean systems and data as quickly and efficiently as possible.

Joe Starzyk is a Senior Solutions Executive with IBM Resiliency Services and a Member of the IBM Academy of Technology, with over 37 years of experience in the IT and Resiliency industry.

Drj.com has thousands of articles that will help you learn more about a disaster recovery plan. We have been in the disaster recovery industry for many years and we have partnered with the world's top experts when it comes to business continuity and gathering reliable information on disaster recovery plan templates.